城市(city): Central
省份(region): Central and Western District
国家(country): Hong Kong
运营商(isp): PCCW IMS Ltd
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackbots | Web app attack attempt |
2019-12-04 03:13:38 |
| attackspambots | [SatSep2814:27:37.6997652019][:error][pid4918:tid47123242419968][client42.200.106.20:40142][client42.200.106.20]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles\(disablethisruleifyourequireaccesstofilesthatendwith.sql\)"][severity"CRITICAL"][hostname"www.ilgiornaledelticino.ch"][uri"/xxx.sql"][unique_id"XY9RuTZZ@6h78vMmw87QvQAAAEo"][SatSep2814:27:38.7601872019][:error][pid4696:tid47123265533696][client42.200.106.20:40524][client42.200.106.20]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles\(disablethisruleifyourequireaccesstofilesthatendwith.sql\)"][severity |
2019-09-29 03:30:44 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 42.200.106.1 | attackbots | Unauthorized connection attempt from IP address 42.200.106.1 on Port 445(SMB) |
2020-10-11 03:02:04 |
| 42.200.106.1 | attackbotsspam | Unauthorized connection attempt from IP address 42.200.106.1 on Port 445(SMB) |
2020-10-10 18:52:54 |
| 42.200.106.101 | attackbotsspam | 1589961388 - 05/20/2020 09:56:28 Host: 42.200.106.101/42.200.106.101 Port: 445 TCP Blocked |
2020-05-20 22:49:57 |
| 42.200.106.90 | attackspambots | Fail2Ban Ban Triggered |
2019-10-31 13:23:44 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.200.106.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41915
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.200.106.20. IN A
;; AUTHORITY SECTION:
. 576 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019092801 1800 900 604800 86400
;; Query time: 442 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 29 03:30:41 CST 2019
;; MSG SIZE rcvd: 117
20.106.200.42.in-addr.arpa domain name pointer 42-200-106-20.static.imsbiz.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
20.106.200.42.in-addr.arpa name = 42-200-106-20.static.imsbiz.com.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| fe80::227:15ff:fe68:5069 | spambotsnormal | 1192.168.1.4 |
2025-03-18 11:23:08 |
| 192.168.100.18 | normal | 品牌:本腾 型号BENTENG M100 入网许可证号:17-c172-222401 |
2025-03-09 20:22:06 |
| 109.200.187.235 | spambotsattackproxynormal | all.ddnskay.com analyss2.com |
2025-03-02 06:32:29 |
| 167.94.145.104 | botsattackproxy | BOOT SSH |
2025-03-13 13:54:18 |
| 42.134.142.214 | spambotsattackproxynormal | All devices are hacked with jsquery with this ip network address. All devices hacked for 2 years, can’t get rid of this problem due to having an allocation tag. |
2025-02-14 03:55:10 |
| 193.68.89.53 | botsattack | NTP DDoS Inbound Frequent Un-Authed |
2025-02-13 13:48:45 |
| 125.160.229.65 | spambotsproxy | spam nggak jelas sering dm juga |
2025-03-08 10:48:06 |
| 104.152.52.100 | spamattackproxy | VoIP blacklist IP |
2025-03-14 22:09:59 |
| 125.165.154.20 | spambotsattackproxynormal | 125.165.154.20 |
2025-03-18 11:07:40 |
| 142.202.190.228 | bots | 06FG |
2025-02-25 19:37:13 |
| 128.14.116.231 | bots | http://128.14.116.194/ |
2025-03-11 16:42:49 |
| 95.27.20.210 | botsattackproxy | Fraud connect/DDoS |
2025-02-13 22:33:24 |
| 61.140.195.151 | spam | 81000000000011 |
2025-02-25 19:53:58 |
| 189.79.107.245 | attack | theft money |
2025-03-13 23:02:58 |
| 91.206.8.133 | spambotsattackproxynormal | 91.206.8.133 |
2025-03-09 00:20:14 |